Java Spotlight Episode 128: Joe McGlynn on Java Security Dialogs @jbmcglynn

Interview with Joe McGlynn, Director of Engineering at Oracle overseeing Java client development, on the new Java security dialogs, plugins and applet support.

Right-click or Control-click to download this MP3 file. You can also subscribe to the Java Spotlight Podcast Feed to get the latest podcast automatically. If you use iTunes you can open iTunes and subscribe with this link: Java Spotlight Podcast in iTunes.

Show Notes

News



Events

  • Apr 17-19, Oracle User Group, Norway
  • Apr 23-24, JavaOne Moscow, Russia
  • May 8-9, JavaOne Hyderabad, India
  • May 10, GIDS, Bangalore, India
  • May 14, Java Day Tokyo
  • May 18-19, Geecon, Poland
  • May 22-24, GR8Conf, Denmark
  • May 24-25, JEEConf, Kiev


Feature Interview

Joe McGlynn is the Director of Engineering at Oracle overseeing Java client development.  He is currently leading development of Java Deployment, Scene Builder, and JavaFX.  Joe has managed software engineering organizations for 25 years in a variety of product domains including Developer Tools, Distance Learning, Call Center Automation and Biotechnology.

New Java Security Dialogs for Java in the Browser + tech details.



What’s Cool


Comments:

I think requiring signing applets is the right path. It's a little harder to developers? It's their (well, our) job to understand and handle this kind of thing, not the users'.

I have one question, though:

Currently, when we sign an applet, it can run outside the sandbox (that means, it could read and/or write to any file the current user has access to, run native commands with Runtime.exec(), etc.). I think it asks for permission, but I think it's almost a given that now, when you accept to run a signed applet, you're authorising it to run outside the sandbox (otherwise, there would be little incentive to sign it in the first place) and do whatever it wants to your computer.

If all applets now will require signing and user approval to run, how can the user differentiate a sandboxed applet from a run-as-admin (windows users almost always are admin) applet?

Posted by Tetsuo on April 17, 2013 at 06:38 AM PDT #

Post a Comment:
Comments are closed for this entry.
About


The Java Spotlight Podcast will be relaunching in December with a new host (@steveonjava) and format. Please be patient while we work through the changes.

Search

Archives
« April 2014
SunMonTueWedThuFriSat
  
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
   
       
Today